4.4. Summary

In this chapter, we've had an overview of the most commonly
known feature of Java's security story: the security manager.
The security manager is responsible for arbitrating access to what we
normally consider operating system features--files, network
sockets, printers, etc. The goal of the security manager is to grant
access to each class according to the amount of trust the user has in
the class. Often, that means granting full access to trusted classes
(that is, classes that have been loaded from the filesystem) while
limiting access when the access is requested from an untrusted class
(that is, a class that has been loaded from the network).

Although the security manager is the most commonly known feature of
Java's security story, it's often misunderstood: there is
no standard security manager among Java implementations, and Java
applications, by default, have no security manager at all. Even with
the popular Java-enabled browsers, the user often has latitude in
what protections the security manager will be asked to enforce.

We examined in this chapter all the times when the security manager
is asked to make a decision regarding access; such decisions range
from the expected file and network access to more esoteric decisions,
such as whether a frame needs a warning banner or what thread group a
particular thread should belong to. This gave us a basic
understanding of how the security manager can be used to enforce a
specific policy, and the issues involved when defining such a policy.
This knowledge will be used as a basis in the next few chapters, when
we'll look at how to implement our own security manager.